feat: preparation for publishing wordpress plugin

.github/workflows/security.yml

@@ -0,0 +1,15 @@
+name: security
+on:
+  pull_request: {}
+  workflow_dispatch: {}
+jobs:
+  security:
+    permissions:
+      contents: read
+      checks: read
+      statuses: read
+      security-events: write
+    uses: affinidi/pipeline-security/.github/workflows/security-scanners.yml@feat/check-inherit
+    with:
+      config-path: .github/labeler.yml
+    secrets: inherit

Affinidi.php

@@ -0,0 +1,130 @@
+<?php
+
+// ABSPATH prevent public user to directly access your .php files through URL.
+defined('ABSPATH') or die('No script kiddies please!');
+
+/**
+ * The main class of plugin
+ */
+class Affinidi
+{
+    public $version = '1.0.0';
+
+    public static $_instance = null;
+
+    protected $default_settings = [
+        'active'               => 0,
+        'client_id'            => '',
+        'client_secret'        => '',
+        'backend'              => '',
+        'organization'         => '',
+        'server_oauth_trigger' => 'oauth',
+        'server_auth_endpoint' => 'auth',
+        'server_token_endpont' => 'token',
+        'server_user_endpoint' => 'userinfo'
+    ];
+
+    public function __construct()
+    {
+        add_action('init', [__CLASS__, 'includes']);
+        //add_action('init', [__CLASS__, 'custom_login']); // when activated, Affinidi Login will become the only login option
+    }
+
+    /**
+     * populate the instance if the plugin for extendability
+     *
+     * @return Affinidi
+     */
+    public static function instance()
+    {
+        if (is_null(self::$_instance)) {
+            self::$_instance = new self();
+        }
+
+        return self::$_instance;
+    }
+
+    /**
+     * plugin includes called during load of plugin
+     *
+     * @return void
+     */
+    public static function includes()
+    {
+        require_once(AFFINIDI_PLUGIN_DIR . '/includes/functions.php');
+        require_once(AFFINIDI_PLUGIN_DIR . '/includes/wp-affinidi-login-admin-options.php');
+        require_once(AFFINIDI_PLUGIN_DIR . '/includes/wp-affinidi-login-rewrites.php');
+    }
+
+    /**
+     * Plugin Setup
+     */
+    public function setup()
+    {
+        $options = get_option('affinidi_options');
+        if (!isset($options['backend'])) {
+            update_option('affinidi_options', $this->default_settings);
+        }
+        $this->install();
+    }
+
+    /**
+     * When wp-login.php was visited, redirect to the login page of affinidi
+     *
+     * @return void
+     */
+    public static function custom_login()
+    {
+        global $pagenow;
+        $activated = absint(affinidi_get_option('active'));
+        if ('wp-login.php' == $pagenow && $_GET['action'] != 'logout' && $activated) {
+            $url = get_affinidi_login_url();
+            wp_redirect($url);
+            exit();
+        }
+    }
+
+    public function logout()
+    {
+        $auto_sso = absint(affinidi_get_option('auto_sso'));
+        if (!$auto_sso) {
+            wp_redirect(home_url());
+            die();
+        }
+    }
+
+    /**
+     * Loads the plugin styles and scripts into scope
+     *
+     * @return void
+     */
+    public function wp_enqueue()
+    {
+        // Registers the script if $src provided (does NOT overwrite), and enqueues it.
+        wp_enqueue_script('jquery-ui-accordion');
+        // Registers the style if source provided (does NOT overwrite) and enqueues.
+        wp_enqueue_style('affinidi_admin');
+        wp_enqueue_script('affinidi_admin');
+    }
+
+    /**
+     * Plugin Initializer
+     */
+    public function plugin_init()
+    {
+    }
+
+    /**
+     * Plugin Install
+     */
+    public function install()
+    {
+    }
+
+    /**
+     * Plugin Upgrade
+     */
+    public function upgrade()
+    {
+    }
+}

CONTRIBUTING.md

@@ -0,0 +1,22 @@
+# Contributing to Affinidi Login for WordPress
+
+## Getting started
+
+1. Clone the repository
+2. Zip the files excluding MD files and docs folder.
+3. Upload the Zip file to your WordPress instance.
+4. Activate and configure the plugin.
+
+## Github repository & pull requests
+
+Please follow semantic release conventions for your commits and pull request names.
+Read about it here: https://github.com/semantic-release/semantic-release
+
+For example, a correct commit name or pull request name is: 
+
+`fix: add test`
+
+`feat: implement a tree view`
+
+Don't forget to write a meaningful description to your pull request.
+If necessary, attach a screenshot of UI changes.

NOTICE.txt

@@ -0,0 +1 @@
+This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of this notice when they are further distributing this code.

README.md

@@ -0,0 +1,61 @@
+# Affinidi Login for WordPress
+
+AUGMENT EXPERIENCES WITH A SAFER, SIMPLER AND MORE PRIVATE WAY TO LOGIN
+
+## Description ##
+
+A paradigm shift in the registration and sign-in process, Affinidi Login is a game-changing solution for developers. With our revolutionary passwordless authentication solution your user's first sign-in doubles as their registration, and all the necessary data for onboarding can be requested during this streamlined sign-in/signup process. End users are in full control, ensuring that they consent to the information shared in a transparent and user-friendly manner. This streamlined approach empowers developers to create efficient user experiences with data integrity, enhanced security and privacy, and ensures compatibility with industry standards.
+
+| Passwordless Authentication | Decentralised Identity Management | Uses Latest Standards |
+|---|---|---|
+| Offers a secure and user-friendly alternative to traditional password-based authentication by eliminating passwords and thus removing the vulnerability to password-related attacks such as phishing and credential stuffing. | Leverages OID4VP to enable users to control their data and digital identity, selectively share their credentials and authenticate themselves across multiple platforms and devices without relying on a centralised identity provider. | Utilises OID4VP to enhance security of the authentication process by verifying user authenticity without the need for direct communication with the provider, reducing risk of tampering and ensuring data integrity. |
+
+
+## More References and Resources ##
+
+1. List the available data points in Affinidi User Vault [here](https://docs.affinidi.com/docs/affinidi-vault/affinidi-vault-data/#user-profile-individual-data-points).
+2. Requesting User Data from Affinidi User Vault [here](https://docs.affinidi.com/docs/affinidi-vault/requesting-user-data/).
+3. Restrict User Login for your Application [here](https://docs.affinidi.com/docs/use-cases/restrict-user-login/).
+4. For Information on the latest updates and improvements to the Affinidi Trust Network, refer to [Changelog](https://docs.affinidi.com/changelog/) page.
+
+## Troubleshooting ##
+
+**Common Errors**
+
+Refer list of [common issues, misconfigurations, and their resolution](https://docs.affinidi.com/other-resources/resolving-common-issues/) to help you get up and running quickly
+
+If you encounter any other issues during the integration, please connect us filling out the [Contact Us](https://www.affinidi.com/get-in-touch). One of us will take a look on the Issue.
+
+## Installation ##
+
+1. Upload to the /wp-content/plugins/ directory
+2. Activate the plugin
+3. Visit Settings > Affinidi Login and follow the steps to configure Affinidi Login
+
+### Set up Affinidi Login ###
+
+To configure the integration with Affinidi Login, Create Login Configuration using [Affinidi CLI](https://docs.affinidi.com/dev-tools/affinidi-cli/manage-login/#affinidi-login-create-config) or [Affinidi Developer Portal](https://docs.affinidi.com/dev-tools/affinidi-portal/#create-a-login-configuration)
+
+## Frequently Asked Questions ##
+### What is Affinidi Login? ###
+
+Affinidi Login simplifies and secures login processes with passwordless authentication using OID4VP, empowering users with data control and privacy. It offers flexible integration options and simplified development to save time and resources, making it a game-changing solution for developers. Visit [this page](https://www.affinidi.com/product/affinidi-login) to learn more.
+
+### What is a Login Configuration, and why do I need it? ###
+
+A Login Configuration is a setup that allows you to integrate Affinidi Login into your application, enabling a passwordless login experience. It contains essential information such as the name of your configuration, redirect URIs, and client credentials. Visit [this page](https://docs.affinidi.com/docs/affinidi-login/login-configuration/) to learn more.
+
+### How do I begin implementing Affinidi Login? ###
+
+To get started, use the [Affinidi CLI](https://github.com/affinidi/affinidi-cli) or [Affinidi Portal](https://portal.affinidi.com/). This toolset enables developers to create, customise, and manage login configurations, making it easier to integrate Affinidi Login into your applications. For more details, explore our guide on [Login Configuration](https://docs.affinidi.com/docs/affinidi-login/).
+
+### How can I reach out for further support? ###
+
+We are here to help. Please [Contact Us](https://www.affinidi.com/get-in-touch) and relevant personal will reach out to assist you further.
+
+## Changelog ##
+
+### 1.0.0 ###
+
+* Initial release of Affinidi Login for WordPress.
+* Passwordless authentication using Affinidi Login.

SECURITY.md

@@ -0,0 +1 @@
+To report a security issue, please email [email protected] with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.